Possible FP

I just ran a memory scan, and the results are quite odd. fwservice.exe was detected as malware (win 32: sql slammer), but actually it’s a PC Tools Firewall Plus process…so, I think it’s a false positive. Can anyone who uses PC Tools FW confirm this by simply doing a memory scan? Thanks :wink:

You could also check the offending/suspect file at VirusTotal (multi-engine online virus scanner) and report the findings here (the URL in the Address bar of the VT results page). You can’t do this with the file securely in the chest; you need to extract it to a temporary (not original) location first, see below.

  • avast4 - Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

  • avast5 - Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect* That will stop the File System Shield scanning any file you put in that folder.

Now it’s sure, it’s a FP:

http://www.virustotal.com/it/analisis/7ce62bec9abcb87a6680cecc8dd0acf93f157af74baaed6d458f603d9a01279d-1264535044

Even avast 4.8 doesn’t detect it…it’s an avast 5 problem…

Hi,
Memory scan? What did you upload to VirusTotal, a memory dump? No.
avast! v5 doesn’t detect the file you uploaded to VT either. But some unencrypted malware signature was found in memory (maybe it belongs to PC Tools FW).

Milos

OK, I’m not an expert, but here’s a screenshot

Hello,
Yes, an unencrypted malware signature in memory belonging to PC Tools FW.

Milos

Bad form in not encrypting signatures, but why a firewall has malware scanning is beyond me unless it is a security suite, so I would have thought uninstalling/disabling PC Tools malware scanning element.